7049079: NTSYSTEM CLASS IS LEAKING WINDOWS TOKENS

Reviewed-by: weijun
2026-02-22 08:21:27 +00:00 · 2011-09-05 11:28:23 +01:00 · 2011-09-05 11:28:23 +01:00 · 92de2299c5
commit 92de2299c5
parent b0fb95c8d3
2 changed files with 25 additions and 23 deletions
--- a/jdk/src/share/classes/com/sun/security/auth/module/NTSystem.java
+++ b/jdk/src/share/classes/com/sun/security/auth/module/NTSystem.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -33,6 +33,7 @@ package com.sun.security.auth.module;
 public class NTSystem {

    private native void getCurrent(boolean debug);
+    private native long getImpersonationToken0();

    private String userName;
    private String domain;
@ -132,10 +133,14 @@ public class NTSystem {
     *
     * @return an impersonation token for the current NT user.
     */
-    public long getImpersonationToken() {
+    public synchronized long getImpersonationToken() {
+        if (impersonationToken == 0) {
+            impersonationToken = getImpersonationToken0();
+        }
        return impersonationToken;
    }

+
    private void loadNative() {
        System.loadLibrary("jaas_nt");
    }
--- a/jdk/src/windows/native/com/sun/security/auth/module/nt.c
+++ b/jdk/src/windows/native/com/sun/security/auth/module/nt.c
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -43,6 +43,19 @@ BOOL getImpersonationToken(PHANDLE impersonationToken);
 BOOL getTextualSid(PSID pSid, LPTSTR TextualSid, LPDWORD lpdwBufferLen);
 void DisplayErrorText(DWORD dwLastError);

+JNIEXPORT jlong JNICALL
+Java_com_sun_security_auth_module_NTSystem_getImpersonationToken0
+        (JNIEnv *env, jobject obj) {
+    HANDLE impersonationToken = 0;      // impersonation token
+    if (debug) {
+        printf("getting impersonation token\n");
+    }
+    if (getImpersonationToken(&impersonationToken) == FALSE) {
+        return 0;
+    }
+    return (jlong)impersonationToken;
+}
+
 JNIEXPORT void JNICALL
 Java_com_sun_security_auth_module_NTSystem_getCurrent
    (JNIEnv *env, jobject obj, jboolean debugNative) {
@ -59,7 +72,6 @@ Java_com_sun_security_auth_module_NTSystem_getCurrent
    DWORD numGroups = 0;                // num groups
    LPTSTR *groups = NULL;              // groups array
    long pIndex = -1;                   // index of primaryGroup in groups array
-    HANDLE impersonationToken = 0;      // impersonation token

    jfieldID fid;
    jstring jstr;
@ -100,13 +112,6 @@ Java_com_sun_security_auth_module_NTSystem_getCurrent
        return;
    }

-    if (debug) {
-        printf("getting impersonation token\n");
-    }
-    if (getImpersonationToken(&impersonationToken) == FALSE) {
-        return;
-    }
-
    // then set values into NTSystem

    fid = (*env)->GetFieldID(env, cls, "userName", "Ljava/lang/String;");
@ -233,18 +238,6 @@ Java_com_sun_security_auth_module_NTSystem_getCurrent
        (*env)->SetObjectField(env, obj, fid, jgroups);
    }

-    fid = (*env)->GetFieldID(env, cls, "impersonationToken", "J");
-    if (fid == 0) {
-        jclass newExcCls =
-            (*env)->FindClass(env, "java/lang/IllegalArgumentException");
-        if (newExcCls == 0) {
-            systemError = TRUE;
-            goto out;
-        }
-        (*env)->ThrowNew(env, newExcCls, "invalid field: impersonationToken");
-    }
-    (*env)->SetLongField(env, obj, fid, (jlong)impersonationToken);
-
 out:
    if (userName != NULL) {
        HeapFree(GetProcessHeap(), 0, userName);
@ -269,6 +262,7 @@ out:
        }
        HeapFree(GetProcessHeap(), 0, groups);
    }
+    CloseHandle(tokenHandle);

    if (systemError && debug) {
        printf("  [getCurrent] System Error: ");
@ -592,6 +586,7 @@ BOOL getImpersonationToken(PHANDLE impersonationToken) {
        }
        return FALSE;
    }
+    CloseHandle(dupToken);

    if (debug) {
        printf("  [getImpersonationToken] token = %d\n", *impersonationToken);
@ -802,6 +797,8 @@ void main(int argc, char *argv[]) {
        }
        HeapFree(GetProcessHeap(), 0, groups);
    }
+    CloseHandle(impersonationToken);
+    CloseHandle(tokenHandle);
 }
 */